102 matches found
SUSE-SU-2022:3391-1 Security update for mariadb
This update for mariadb fixes the following issues: Update to 10.5.17: - CVE-2022-32082: Fixed assertion failure at table-getrefcount == 0 in dict0dict.cc bsc1201162. - CVE-2022-32089: Fixed segmentation fault via the component stselectlexunit::excludelevel bsc1201169. - CVE-2022-32081: Fixed...
mariadb: assertion failures in decimal_bin_size
A flaw was found in the MariaDB Server. It contains a global buffer overflow in the component, decimalbinsize, which is exploited via specially crafted SQL statements, impacting availability...
Updated mariadb packages fix security vulnerability
zlib before 1.2.12 allows memory corruption when deflating i.e., when compressing if the input has many distant matches. CVE-2018-25032 A use-after-poison in prepareinplaceaddvirtual at /storage/innobase/handler/handler0alter.cc. CVE-2022-32081 An assertion failure at table-getrefcount == 0 in...
mariadb: assertion failures in decimal_bin_size
A flaw was found in the MariaDB Server. It contains a global buffer overflow in the component, decimalbinsize, which is exploited via specially crafted SQL statements, impacting availability...
RHEL 8 : mariadb:10.5 (RHSA-2022:5826)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:5826 advisory. MariaDB is a multi-user, multi-threaded SQL database server that is binary compatible with MySQL. The following packages have been upgraded ...
Integer overflows in Tensorflow
Impact The implementations of SparseCwise ops are vulnerable to integer overflows. These can be used to trigger large allocations so, OOM based denial of service or CHECK-fails when building new TensorShape objects so, assert failures based denial of service: python import tensorflow as tf import...
PYSEC-2022-78
Tensorflow is an Open Source Machine Learning Framework. Multiple operations in TensorFlow can be used to trigger a denial of service via CHECK-fails i.e., assertion failures. This is similar to TFSA-2021-198 and has similar fixes. We have patched the reported issues in multiple GitHub commits. I...
Stack overflow
Tensorflow is an Open Source Machine Learning Framework. Multiple operations in TensorFlow can be used to trigger a denial of service via CHECK-fails i.e., assertion failures. This is similar to TFSA-2021-198 and has similar fixes. We have patched the reported issues in multiple GitHub commits. I...
PYSEC-2022-133
Tensorflow is an Open Source Machine Learning Framework. Multiple operations in TensorFlow can be used to trigger a denial of service via CHECK-fails i.e., assertion failures. This is similar to TFSA-2021-198 and has similar fixes. We have patched the reported issues in multiple GitHub commits. I...
CVE-2022-23569
Tensorflow is an Open Source Machine Learning Framework. Multiple operations in TensorFlow can be used to trigger a denial of service via CHECK-fails i.e., assertion failures. This is similar to TFSA-2021-198 and has similar fixes. We have patched the reported issues in multiple GitHub commits. I...
CVE-2022-23569 `CHECK`-fails when building invalid tensor shapes in Tensorflow
Tensorflow is an Open Source Machine Learning Framework. Multiple operations in TensorFlow can be used to trigger a denial of service via CHECK-fails i.e., assertion failures. This is similar to TFSA-2021-198 and has similar fixes. We have patched the reported issues in multiple GitHub commits. I...
CVE-2022-23569
TensorFlow/CVE-2022-23569: Denial‑of‑service via CHECK‑fails (assertion failures) across multiple ops in TensorFlow/TFLite, caused by invalid tensor shapes and related checks. Root cause: assertion failures in core paths; fixes released as patches implemented in GitHub commits. Remediation: upgra...
PYSEC-2022-131
Tensorflow is an Open Source Machine Learning Framework. The implementations of SparseCwise ops are vulnerable to integer overflows. These can be used to trigger large allocations so, OOM based denial of service or CHECK-fails when building new TensorShape objects so, assert failures based denial...
ROS-2-1974
2.1974 Multiple vulnerabilities in ISC BIND CVE-2021-25216, CVE-2021-25215, CVE-2021-25214 1. Vulnerability Description: CVE-2021-25216 A vulnerability exists due to a boundary error in the GSS-TSIG extension. A remote attacker can send specially crafted requests to the server, trigger a buffer...
Zephyr 安全漏洞
Zephyr is an open source, small, scalable, real-time operating system. a security vulnerability exists in Zephyr, which stems from truncated L2CAP K-frames causing assertion failures. No detailed vulnerability details are available at this time...
ROS-2-472
2.472 Multiple vulnerabilities in ISC BIND CVE-2021-25216, CVE-2021-25215, CVE-2021-25214 1. Vulnerability Description: CVE-2021-25216 A vulnerability exists due to a boundary error in the GSS-TSIG extension. A remote attacker can send specially crafted requests to the server, trigger a buffer...
ROS-2-582
2.582 Multiple vulnerabilities in ISC BIND CVE-2021-25216, CVE-2021-25215, CVE-2021-25214 1. Vulnerability Description: CVE-2021-25216 A vulnerability exists due to a boundary error in the GSS-TSIG extension. A remote attacker can send specially crafted requests to the server, trigger a buffer...
ROS-2-983
2.983 Multiple vulnerabilities in ISC BIND CVE-2021-25216, CVE-2021-25215, CVE-2021-25214 1. Vulnerability Description: CVE-2021-25216 A vulnerability exists due to a boundary error in the GSS-TSIG extension. A remote attacker can send specially crafted requests to the server, trigger a buffer...
ROS-2-1247
2.1247 Multiple vulnerabilities in ISC BIND CVE-2021-25216, CVE-2021-25215, CVE-2021-25214 1. Vulnerability Description: CVE-2021-25216 A vulnerability exists due to a boundary error in the GSS-TSIG extension. A remote attacker can send specially crafted requests to the server, trigger a buffer...
Live555 安全漏洞
Live555 is a cross-platform C++ open source project that provides a solution for streaming media and implements support for standard streaming media transport protocols such as RTP/RTCP, RTSP, SIP, and others. A security vulnerability exists in Live555, which stems from liveMedia/FramedSource.cpp...